permit access on date/hour intervals and policy.conf problem
Franz Angeli
franz.angeli at gmail.com
Tue May 19 20:35:28 CEST 2015
now i'm using:
ATTRIBUTE System-Date 3002 date
ATTRIBUTE Start_Time 3000 date
ATTRIBUTE Stop_Time 3001 date
and in policy.conf
policy {
sql
check_validity {
update control {
System-Date := "%l"
}
if (control:Start_Time > control:System-Date) {
update reply {
Reply-Message := "account not yet active"
}
reject
}
if (control:Stop_Time < control:System-Date) {
update reply {
Reply-Message := "account no longer active"
}
reject
}
}
in this way i have error:
++- entering policy check_validity {...}
expand: %l -> 1432060355
+++[control] returns noop
+++? if (control:Start_Time > control:System-Date)
Failed parsing "control:System-Date": failed to parse time string
"control:System-Date"
+++? if (control:Stop_Time < control:System-Date)
Failed parsing "control:System-Date": failed to parse time string
"control:System-Date"
++- policy check_validity returns noop
2015-05-19 20:11 GMT+02:00 Alan DeKok <aland at deployingradius.com>:
> On May 19, 2015, at 1:42 PM, Franz Angeli <franz.angeli at gmail.com> wrote:
>
>> in this way i have:
>>
>> sql
>> policy {
>>
>> check_validity {
>
> That's... weird. The policies SHOULD go into raddb/policy.conf. Then, just use the policy name:
>
> ...
> sql
> check_validity
> ...
>
>> but it seems doesnt' work
>>
>> ++[sql] returns ok
>> ++- entering policy check_validity {...}
>> expand: %l -> 1432057169
>> +++[control] returns noop
>> +++? if (Start_Time > control:System-Date)
>
> Try using control:Start_Time. See the WIki for how the rlm_sql module works.
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list